12-24-2021 03:23 AM
Hi !
We have identified many flaws (CVE-2020-3187, CVE-2018-0296, CVE-2020-3452, CVE-2020-3580, CVE-2020-3452, CVE-2020-3452..) on our ASA device running version 9.8(2)20. Then we decided to perform an upgrade to a more recent version 9.12(4)30 (according to details provided here https://www.cisco.com/web/software/280775065/152946/ASA-9124-Interim-Release-Notes.html ) which was supposed to be free of any above vulnerabilities. But it seems we are still receiving alert related to these flaws.
I would like to know how I can be sure that ASA version 9.12(4)30 is not exposed to above vulnerabilities? is it any relevant document or portal that I can used to check that information to have assurance.
Thank !
Solved! Go to Solution.
12-24-2021 04:12 AM
Hi,
You can refer cisco advisories to find the fixed versions for each vulnerability. for ex. check below link for your first CVE. these documents explains, affected versions and fixed versions.
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-path-JE3azWw43
12-24-2021 04:12 AM
Hi,
You can refer cisco advisories to find the fixed versions for each vulnerability. for ex. check below link for your first CVE. these documents explains, affected versions and fixed versions.
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-path-JE3azWw43
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide